Hi, According to the documentation, you can do this, but it is strongly discouraged. In the correct scenario, it would be more sensible to use a signed certificate or perform SSL forwarding on a load balancer. I recommend against testing this in a production environment. in $SPLUNK_HOME/etc/system/local/server.conf
[sslConfig]
enableSplunkdSSL = false [sslConfig]
* Set SSL for communications on Splunk back-end under this stanza name.
* NOTE: To set SSL (for example HTTPS) for Splunk Web and the browser,
use the web.conf file.
* Follow this stanza name with any number of the following setting/value
pairs.
* If you do not specify an entry for each setting, the default value
is used.
enableSplunkdSSL = <boolean>
* Enables/disables SSL on the splunkd management port (8089) and KV store
port (8191).
* NOTE: Running splunkd without SSL is not recommended.
* Distributed search often performs better with SSL enabled.
* Default: true
... View more